Free For Life
Identity ProtectionTM

Identity thieves are after you.
No matter how careful you
are, too many organizations
have your personal info and
too many of them are
hacked or have data breaches.

We’ve all been exposed. It’s only
a matter of time before identity
theft strikes you.

Verify Your Identity is Safe

We use cookies to improve your experience. By continuing to use this website you consent to our cookies. Learn more

Our Customers Say

Trusted by over 100,000 customers

Confirmation

There is already a Membership with this email address.
Select Login to access your existing membership, Continue to create a new
membership without changing the existing membership, or Cancel to stay on same page.

Children Stalked Using Hacked Smartwatch

A GPS-enabled SmartWatch used by Parents to track and communicate with their children (and elderly parents) has been shown vulnerable to hackers who can use to track the child’s location, falsify the location to parents add themselves as a parent and view information association with the account.

Many parents today are concerned that children are less safe
than they were when they themselves were young. Today parents want to know
where their children are at all times and know how to contact them. For children too young to be responsible for
their own smartphone, a smartwatch seems like an attractive option, combining
wearable features and durability. Those caring for the elderly who may have
dementia or have other mental or physical limitations may have similar
concerns. But if that device is hacked, it suddenly becomes a tracking device
telling the hacker not only the location of your child but a wealth of personal
information about them and your family.

There have been host of examples of poorly secured devices
aimed at children which exposed their information, their recorded voices or
their photographs to anyone on the Internet. But the TicTockTrack GPS-enabled SmartWatch
by Australian company iStaySafe allows hackers to identify the child’s location
as well as the that sensitive family information. This would potentially allow
the hacker to not only locate the child when he or she was away from school or
home but also approach the child knowing the names of the child and the parents
making social engineering far easier. After all, if you can tell a child,
“Kevin, I’m a friend of your mom Susan. She had a car accident and asked me to
pick you up from the park and take you home to your house on Maple Street,”
doesn’t that sound convincing?

Flaws Exposed Remain Unsolved

Often when security flaws like these are exposed in software on our smartphone or on our laptops a patch is issued within days and the problem is solved. Unfortunately, the fact that this is a hardware device may be causing a problem here since this flaw appears to have been exposed for at least a year! That means hackers know about it but there is no fix is in place.

Websites Pen Test Partners (for Penetration Test, the term
used in the cyber security industry for companies that test security
procedures) and TroyHunt go into far more detail than we can here about how the
hack works. They list some of the brand names beyond TicTockTrack such as
Gator, and the response of various government agencies around the world which
seems to be universal condemnation but just short of outright stopping them
from continuing to sell these unsecure devices.
Unfortunately, one of the problems with so much information about this
vulnerability being made available is it serves as a how-to for less skilled
hackers. There are already YouTube videos explaining how to get started.
Doesn’t that make you feel safe?

So What Should You Do?

One of the broader implications of this story is that location-based software running on any device can be hacked by third parties and used to track the location of your device. MyProfyle has discussed how certain types of hardware and apps such as weather apps are notorious for being “always on” and tracking your location and activity under their default settings and sometimes even when they are turned off. In these cases, you are trusting that these applications are secure or else they can be turned into tracking devices by third parties.

MyProfyle recommends that you keep the use of these apps to
a minimum and rely on web-based alternatives whenever possible. The slight
delays in getting the results you need come with the benefits of improved
security with the added bonus of more free space on your device from removing
unnecessary apps. We also recommend that you set up dummy profiles with false
names and email addresses for these accounts so that you can access your
information but no one can look you up to find your children or elderly parents
based on your name. It’s not foolproof – your location data is likely going to
remain in the system – but it’s a good start.

At MyProfyle, we believe this threat is further proof that
everyone’s information is at risk from many different sources and that we are
all exposed multiple times per year. The solution to identity fraud is not to
try to lock your identity or seek unobtainable privacy but to control your
identity – not just your credit – by putting yourself in the position know of,
approve or decline activity conducted in your name. That’s MyProfyle Free For
Life ™ Identity Protection.